WatchGuard Security Week in Review: Post Vacation Edition

If you follow my weekly security recap vlog, you probably noticed I didn’t post a WatchGuard Security Week in Review video last week. Instead, I was soaking up some rays on the beach. Ok… I was on a Washington state beach so there weren’t many “rays” involved — but at least there was sand.

Anyway, my scheduled vacation prevented me from posting the video last week. I would have mentioned the lack of video in a blog post, but I felt that the Security Center had its share of posts during an extremely hectic Black Patch Tuesday, and didn’t want to bother you with yet another one.

To make up for it, I’m posting a belated text-version of last week’s security news summary. If you’re interested in the important and interesting security stories you may have missed last week, check out the bulleted-list below. You can expect my video summaries to resume this Friday, though this week may be an “on the road” episode:

Shamoon malware wipes HD and MBR – An Israeli security firm called Seculert discovered a malware variant that steals info, then erases your hard drive (HD) and wipes your master boot record (MBR), preventing your computer from booting. Though the malware has infected at least one Middle Eastern energy company, experts do not think Shamoon comes from the same authors as other APTs.

Citadel trojan seems to target airline employees- A security company found a version of the Citadel botnet trojan that seems to target airlines, by attempting to steal employees’ VPN credentials. The malware specifically tries to capture some of the additional authentication tokens certain VPN clients require.

Blizzard credential breach – Blizzard is the latest victim of yet another password/credential breach. Though Blizzard salts their hash, you should still change your Blizzard credentials

Anonymous claims another PSN hack; Sony says no – In a tweet and Pastebin post, Anonymous claims they breached Sony PSN network again, and stole the information from 10 million PSN users. Sony says the breach didn’t happen. Chalk this one up to an Anonymous hoax.

Tridium releases ICS software patches – Tridium creates automation software for lighting and HVAC systems. US-CERT warned of many vulnerabilities in their software, and Tridium released updates to fix them this week. Just more evidence of how digital attacks can affect physical infrastructure.

Android malware triples in a quarter- One of WatchGuard’s partners, Kaspersky, released a security report last week that included some interesting facts about mobile malware. They found that Android malware has increased three-fold, and mostly focuses on SMS trojans that steal money.

Wikileaks Trapwire release and DDoS attack- A few weekends ago, Wikileaks released information about how certain agencies are leveraging video surveillance systems to track people (codenamed Trapwire). Shortly after this release, the Wikileaks site suffered DDoS attacks from a group called Antileaks. Antileaks says the incidents are unrelated.

Well, that covers the biggest security news from last week. On an unrelated note, I saw a video last week that does a great job of summarizing DEF CON 20. I can’t directly embed the video here, but you can find it in this article. If you missed DEF CON, and want to get its general vibe, I recommend checking the video out.

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.